gvsafronov/futriix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ACL LOG: implement ACL LOG subcommadn skeleton.

Browse Source
This commit is contained in:
antirez 2020-01-28 17:30:50 +01:00
parent 2d06604451
commit e6eafd3e1f
1 changed files with 37 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
src/acl.c
View File

@ -1477,6 +1477,11 @@ typedef struct aclLogEntry {
sds cinfo; /* Client info (last client if updated). */ sds cinfo; /* Client info (last client if updated). */
} aclLogEntry; } aclLogEntry;
/* Adds a new entry in the ACL log, making sure to delete the old entry
* if we reach the maximum length allowed for the log. This function attempts
* to find similar entries in the current log in order to bump the counter of
* the log entry instead of creating many entries for very similar ACL
* rules issues. */
void addACLLogEntry(client *c, int reason, int keypos) { void addACLLogEntry(client *c, int reason, int keypos) {
/* Create a new entry. */ /* Create a new entry. */
struct aclLogEntry *le = zmalloc(sizeof(*le)); struct aclLogEntry *le = zmalloc(sizeof(*le));
@ -1518,6 +1523,7 @@ void addACLLogEntry(client *c, int reason, int keypos) {
* ACL GETUSER <username> * ACL GETUSER <username>
* ACL GENPASS * ACL GENPASS
* ACL WHOAMI * ACL WHOAMI
* ACL LOG [<count> | RESET]
*/ */
void aclCommand(client *c) { void aclCommand(client *c) {
char *sub = c->argv[1]->ptr; char *sub = c->argv[1]->ptr;
@ -1704,6 +1710,36 @@ void aclCommand(client *c) {
char pass[32]; /* 128 bits of actual pseudo random data. */ char pass[32]; /* 128 bits of actual pseudo random data. */
getRandomHexChars(pass,sizeof(pass)); getRandomHexChars(pass,sizeof(pass));
addReplyBulkCBuffer(c,pass,sizeof(pass)); addReplyBulkCBuffer(c,pass,sizeof(pass));
} else if (!strcasecmp(sub,"log") && (c->argc == 2 || c->argc ==3)) {
long count = 10; /* Number of entries to emit by default. */
/* Parse the only argument that LOG may have: it could be either
* the number of entires the user wants to display, or alternatively
* the "RESET" command in order to flush the old entires. */
if (c->argc == 3) {
if (!strcasecmp(c->argv[2]->ptr,"reset")) {
/* TODO: reset the log. */
addReply(c,shared.ok);
return;
} else if (getLongFromObjectOrReply(c,c->argv[2],&count,NULL)
!= C_OK)
{
return;
}
if (count < 0) count = 0;
}
/* Fix the count according to the number of entries we got. */
if ((size_t)count > listLength(ACLLog))
count = listLength(ACLLog);
addReplyArrayLen(c,count);
listIter li;
listNode *ln;
listRewind(ACLLog,&li);
while (count-- && (ln = listNext(&li)) != NULL) {
addReplyLongLong(c,1234);
}
} else if (!strcasecmp(sub,"help")) { } else if (!strcasecmp(sub,"help")) {
const char *help[] = { const char *help[] = {
"LOAD -- Reload users from the ACL file.", "LOAD -- Reload users from the ACL file.",
@ -1716,6 +1752,7 @@ void aclCommand(client *c) {
"CAT <category> -- List commands inside category.", "CAT <category> -- List commands inside category.",
"GENPASS -- Generate a secure user password.", "GENPASS -- Generate a secure user password.",
"WHOAMI -- Return the current connection username.", "WHOAMI -- Return the current connection username.",
"LOG [<count> | RESET] -- Show the ACL log entries.",
NULL NULL
}; };
addReplyHelp(c,help); addReplyHelp(c,help);